Emails And Passwords Stolen As Evernote Gets Hacked

Evernote, the cloud notetaking service has been hacked. The company disclosed today that an as yet unidentified hacker has compromised their servers and has made off with usernames, email addresses and passwords, though the latter are encrypted.

If you use Evernote then go and change your password now!

Evernote have responded quickly by instigating a mandatory password reset for all their customers – if you have an account you’ll be required to pick a new password next time you attempt to login. This would seem to be just a precautionary measure though as,

“In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost. We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed.”Evernote blog

Evernote also said that the passwords, which are hashed and salted (read more on hashing and salting passwords), were first targeted back on February 28th –

“On February 28th, the Evernote Operations & Security team became aware of unusual and potentially malicious activity on the Evernote service that warranted a deeper look.”Techcrunch

If you are having trouble accessing Evernote’s web site then they are also keeping users up to date with the latest info via their Twitter account –

If you’re having trouble reaching our blog, you can read the same content on this page: ow.ly/id26O

Though nothing is certain I wonder if this has anything to do with the problems at Zendesk recently?

Related posts:

Yahoo Xtra: Customer Emails Hacked Thus far the full nature of the attack is not known but users' contact lists were used to send emails out, urging recipients to click on a link which one...

Twitter DMARC Phishing Emails Twitter.com announced yesterday that they have introduced a new technology to help minimise the risk of users being tricked by phishing emails. That technology is called Domain-based Message Authentication, Reporting...

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.